Closed
Description
In GitHub Security Advisory GHSA-g44j-7vp3-68cv, there is a vulnerability in the following Go packages or modules:
| Unit | Fixed | Vulnerable Ranges |
|---|---|---|
| github.com/docker/docker | 1.6.1 | >= 1.6.0, < 1.6.1 |
See doc/triage.md for instructions on how to triage this report.
packages:
- package: github.com/docker/docker
versions:
- introduced: 1.6.0
fixed: 1.6.1
description: Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape
containerization ("mount namespace breakout") and write to arbitrary file on the
host system via a symlink attack in an image when respawning a container.
published: 2022-02-15T01:57:18Z
last_modified: 2022-04-12T22:13:08Z
cves:
- CVE-2015-3629
ghsas:
- GHSA-g44j-7vp3-68cv
links:
context:
- https://github.com/advisories/GHSA-g44j-7vp3-68cv